- Managing issued tokens granted by each user (obtaining a list of clients, and updating scopes and revoking permissions for a particular client)
- Authlete's policy on sweeping unused tokens
- How to specify token(s) on updating its information
- Token duration per scope
- Changing token duration
- How to calculate token duration
- Access Tokens
- Refresh Tokens
- Changing signing key for ID token
- Detecting "claims" expected to be included into ID token
- Generating encrypted ID token
- Adding claims to an ID token
- PKCE (RFC 7636)
- Client Management
- Authorization Endpoint
- User Authentication
- Error Handling
- Client Authentication
- Userinfo Endpoint
Generating encrypted ID token
This article explains an example on how to configure Authlete to generate encrypted ID tokens for a particular client.
Prepare a JWK set to be used for encrypting ID tokens, and register it. See the following article for instructions.
Choose encryption algorithm of ID token for the client. See Client Settings - JWK Set for details.
In this example, the following settings in accordance with the registered public key are specified:
- ID Token Encryption Algorithm: ECDH_ES
- ID Token Encryption Encoding Algorithm: A128CBC_HS256
With the settings above, Authlete will be encrypting ID tokens for the client.
How did we do with this article?